Executive Summary

Informations
NameCVE-2011-2494First vendor Publication2012-06-13
VendorCveLast vendor Modification2017-12-28

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score2.1Attack RangeLocal
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2494

CWE : Common Weakness Enumeration

%idName
100 %CWE-200Information Exposure

CPE : Common Platform Enumeration

TypeDescriptionCount
Os1436

OpenVAS Exploits

DateDescription
2012-07-30Name : CentOS Update for kernel CESA-2011:1479 centos5 x86_64
File : nvt/gb_CESA-2011_1479_kernel_centos5_x86_64.nasl
2012-07-09Name : RedHat Update for kernel RHSA-2011:1465-01
File : nvt/gb_RHSA-2011_1465-01_kernel.nasl
2012-03-16Name : Ubuntu Update for linux-ti-omap4 USN-1260-1
File : nvt/gb_ubuntu_USN_1260_1.nasl
2012-03-16Name : Ubuntu Update for linux USN-1275-1
File : nvt/gb_ubuntu_USN_1275_1.nasl
2011-12-09Name : Ubuntu Update for linux-lts-backport-oneiric USN-1294-1
File : nvt/gb_ubuntu_USN_1294_1.nasl
2011-12-02Name : RedHat Update for kernel RHSA-2011:1479-01
File : nvt/gb_RHSA-2011_1479-01_kernel.nasl
2011-12-02Name : Ubuntu Update for linux USN-1285-1
File : nvt/gb_ubuntu_USN_1285_1.nasl
2011-12-02Name : CentOS Update for kernel CESA-2011:1479 centos5 i386
File : nvt/gb_CESA-2011_1479_kernel_centos5_i386.nasl
2011-11-25Name : Ubuntu Update for linux-lts-backport-natty USN-1279-1
File : nvt/gb_ubuntu_USN_1279_1.nasl
2011-11-25Name : Ubuntu Update for linux-ti-omap4 USN-1281-1
File : nvt/gb_ubuntu_USN_1281_1.nasl
2011-11-11Name : Ubuntu Update for linux USN-1253-1
File : nvt/gb_ubuntu_USN_1253_1.nasl
2011-11-11Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1
File : nvt/gb_ubuntu_USN_1256_1.nasl
2011-10-31Name : Ubuntu Update for linux-ec2 USN-1239-1
File : nvt/gb_ubuntu_USN_1239_1.nasl
2011-10-31Name : Ubuntu Update for linux-mvl-dove USN-1240-1
File : nvt/gb_ubuntu_USN_1240_1.nasl
2011-10-31Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1
File : nvt/gb_ubuntu_USN_1241_1.nasl
2011-10-31Name : Ubuntu Update for linux-lts-backport-maverick USN-1242-1
File : nvt/gb_ubuntu_USN_1242_1.nasl
2011-10-31Name : Ubuntu Update for linux USN-1243-1
File : nvt/gb_ubuntu_USN_1243_1.nasl
2011-10-31Name : Ubuntu Update for linux-ti-omap4 USN-1244-1
File : nvt/gb_ubuntu_USN_1244_1.nasl
2011-10-31Name : Ubuntu Update for linux-mvl-dove USN-1245-1
File : nvt/gb_ubuntu_USN_1245_1.nasl
2011-10-21Name : Ubuntu Update for linux USN-1236-1
File : nvt/gb_ubuntu_USN_1236_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
76796Linux Kernel taskstats Access Restriction Weakness Local Information Disclosure

Nessus® Vulnerability Scanner

DateDescription
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1391-1.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO
2014-07-22Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0010.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1479.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO
2013-06-29Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1479.nasl - Type : ACT_GATHER_INFO
2012-10-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8324.nasl - Type : ACT_GATHER_INFO
2012-10-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8325.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111129_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-04-24Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120418.nasl - Type : ACT_GATHER_INFO
2012-02-07Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120129.nasl - Type : ACT_GATHER_INFO
2012-02-07Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120130.nasl - Type : ACT_GATHER_INFO
2011-12-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1294-1.nasl - Type : ACT_GATHER_INFO
2011-11-30Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1285-1.nasl - Type : ACT_GATHER_INFO
2011-11-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1479.nasl - Type : ACT_GATHER_INFO
2011-11-26Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1279-1.nasl - Type : ACT_GATHER_INFO
2011-11-26Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1281-1.nasl - Type : ACT_GATHER_INFO
2011-11-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2011-11-22Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1275-1.nasl - Type : ACT_GATHER_INFO
2011-11-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1260-1.nasl - Type : ACT_GATHER_INFO
2011-11-10Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO
2011-11-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1253-1.nasl - Type : ACT_GATHER_INFO
2011-10-26Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1239-1.nasl - Type : ACT_GATHER_INFO
2011-10-26Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1240-1.nasl - Type : ACT_GATHER_INFO
2011-10-26Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1241-1.nasl - Type : ACT_GATHER_INFO
2011-10-26Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1242-1.nasl - Type : ACT_GATHER_INFO
2011-10-26Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1243-1.nasl - Type : ACT_GATHER_INFO
2011-10-26Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1244-1.nasl - Type : ACT_GATHER_INFO
2011-10-26Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1245-1.nasl - Type : ACT_GATHER_INFO
2011-10-21Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1236-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
CONFIRM http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1...
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
https://bugzilla.redhat.com/show_bug.cgi?id=716842
https://github.com/torvalds/linux/commit/1a51410abe7d0ee4b1d112780f46df87d362...
MLIST http://www.openwall.com/lists/oss-security/2011/06/27/1
SUSE http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
DateInformations
2019-01-25 12:03:59
  • Multiple Updates
2018-11-17 12:02:31
  • Multiple Updates
2018-10-30 12:04:18
  • Multiple Updates
2017-12-29 09:21:54
  • Multiple Updates
2016-07-01 11:07:36
  • Multiple Updates
2016-06-29 00:21:01
  • Multiple Updates
2016-06-28 18:42:32
  • Multiple Updates
2016-04-26 20:51:30
  • Multiple Updates
2015-05-21 13:29:19
  • Multiple Updates
2014-07-23 13:24:36
  • Multiple Updates
2014-02-17 11:03:17
  • Multiple Updates
2013-05-10 23:03:00
  • Multiple Updates
2012-12-19 13:23:52
  • Multiple Updates